9259 matches found
Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2025-076 (ALASNITRO-ENCLAVES-2025-076)
The version of docker installed on the remote host is prior to 25.0.13-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-076 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than...
Important: runfinch-finch
Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...
Exploit for Improper Restriction of XML External Entity Reference in Jetbrains Ktor
CVE-2023-45612 PoC This repository contains a proof of concep...
CVE-2025-52881 vulnerabilities
Vulnerabilities for packages: k8s-device-plugin, k9s, mesosphere-vsphere-csi, zot, nerdctl, skaffold, wolfictl, trivy-operator, k3s, neuvector-scanner, osv-scanner, checksec, syft, grype, buildah, xeol, envoy-gateway, kubernetes, zarf, newrelic-infrastructure-agent, nvidia-container-toolkit, triv...
GHSA-CGRX-MC8F-2PRM vulnerabilities
Vulnerabilities for packages: k8s-device-plugin, k9s, mesosphere-vsphere-csi, zot, nerdctl, skaffold, wolfictl, trivy-operator, k3s, neuvector-scanner, osv-scanner, checksec, syft, grype, buildah, xeol, envoy-gateway, kubernetes, zarf, newrelic-infrastructure-agent, nvidia-container-toolkit, triv...
CVE-2025-52881 vulnerabilities
Vulnerabilities for packages: docker, trivy, sriov-network-device-plugin, xeol, grype-db, newrelic-infrastructure-agent-fips, wolfictl, newrelic-infrastructure-agent, sriov-network-device-plugin-fips, kubescape-operator, trivy-operator, containerd-fips, kots, node-feature-discovery, zot, syft-fip...
GHSA-CGRX-MC8F-2PRM vulnerabilities
Vulnerabilities for packages: docker, trivy, sriov-network-device-plugin, xeol, grype-db, newrelic-infrastructure-agent-fips, wolfictl, newrelic-infrastructure-agent, sriov-network-device-plugin-fips, kubescape-operator, trivy-operator, containerd-fips, kots, node-feature-discovery, zot, syft-fip...
CVE-2025-64329
containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...
CVE-2025-52881 runc: LSM labels can be bypassed with malicious config using dummy procfs files
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts we have also verified thi...
CVE-2025-52881
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts we have also verified thi...
CVE-2025-52881
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts we have also verified thi...
CVE-2024-25621
containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths /var/lib/containerd,...
SUSE CVE-2025-52881
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts we have also verified thi...
UBUNTU-CVE-2025-52881
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts we have also verified thi...
PT-2026-22403
Name of the Vulnerable Software and Affected Versions Docker Model Runner versions prior to 1.0.16 Docker Desktop versions prior to 4.61.0 when Model Runner is enabled Description Docker Model Runner is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expo...
Low: runc
Issue Overview: No CVE associated with this advisory Affected Packages: runc Note: This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue...
Fedora 44 : docker-buildkit (2025-c1b04cbaba)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-c1b04cbaba advisory. Automatic update for docker-buildkit-0.25.2-1.fc44. Changelog Wed Nov 5 2025 Bradley G Smith - 0.25.2-1 - Update to v0.25.2 - CVE-2025-58183;...
PT-2025-45375
Name of the Vulnerable Software and Affected Versions runc versions 1.2.7 through 1.3.2 runc version 1.4.0-rc.2 Description The runC tool is a lightweight implementation of the Open Container Format OCF used for container runtime. A flaw exists in runC that allows an attacker to manipulate writes...
Important Photon OS Security Update - PHSA-2025-5.0-0667
Updates of 'docker-compose' packages of Photon OS have been released...
[SECURITY] Fedora 43 Update: skopeo-1.20.0-5.fc43
Command line utility to inspect images and repositories directly on Docker registries without the need to pull them...